Tech Docs: Five New Features in the Traps Management Service

Charissa Fleischer


tech docs

That’s right! The August release of the Traps management services introduces five new features designed to simplify endpoint management and security event investigation:

1. Clickable Dashboard—From the Dashboard you can now jump to a filtered list of endpoints that share any of the following characteristics:

  • Platform operating system
  • License status (to view a list of all licensed endpoints)
  • Content update status (latest or outdated)

trapsMGMT_1

For security events, you can also jump to filtered lists of unresolved events by severity. The Dashboard quick links enable you to quickly identify endpoints for which administrative action may be required.

2. Enhanced Endpoint Filters—To refine the number of endpoints on the Endpoints page, you can now apply new endpoint search filters:

  • Agent Version—Filters all endpoints for specific agent versions. Using this filter you can quickly identify all endpoints running older Traps versions and upgrade them to the latest Traps version thus ensuring the endpoint takes advantage of the latest security policy and Traps features.
  • Content Version—Filters all endpoints for specific content update versions. This filter provides visibility into which endpoints are using older content versions.

trapsMGMT_2

 

3. Security Event Search by Event ID—If you already know the unique event ID for a security event, you can now use that ID to quickly locate a security event. To filter security events for an Event ID you must enter the complete ID value.

trapsMGMT_1

 

4. Hash Exceptions Search      —To quickly locate a hash exception, you can now search hash exceptions using the complete SHA256 value.

5. Process Exceptions Assignment Enhancement—To quickly configure process exceptions for select endpoints, you can now assign process exceptions to endpoint groups, AD groups, and AD organizational units (OU). Process exceptions will apply only to the platform type specified in the exception. In addition, in the case of AD objects that specify users and endpoints, a process exception will apply only on endpoints.

For more details on the new features, please refer to the following resources:

Happy reading!
Your friendly Technical Documentation team

Have questions? Contact us at documentation@paloaltonetworks.com.

Got something to say?

Get updates: Unit 42

Sign up to receive the latest news, cyber threat intelligence and research from Unit42

By submitting this form, you agree to our Terms of Use and acknowledge our Privacy Statement.


© 2018 Palo Alto Networks, Inc. All rights reserved.